Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] '{1BE268AC-1355-8BCE-1357-9BCE13578ACD}' = ''
- '<SYSTEM32>\cmd.exe' /c ""<Текущая директория>\BT.BAT" "
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\3[1].exe
- %TEMP%\downfile.txt
- <Текущая директория>\BT.BAT
- C:\Autorun.inf
- C:\ddqqd.exe
- <SYSTEM32>\ddqqd.vxd
- C:\ddqqd.exe
- C:\Autorun.inf
- 'j.##ec.cn':80
- 'localhost':1036
- j.##ec.cn/yulove198712/qq/pp/3.exe
- DNS ASK j.##ec.cn
- ClassName: 'ListBox' WindowName: 'exe_aolai'
- ClassName: 'ListBox' WindowName: 'dll_aolai'